Pages

Monday, 13 August 2012

Forms Based Authentication in SharePoint 2010

There are some much information available to configure Form
Based Authentication (FBA) on net.

I have also followed lots of urls to setup FBA. And finally
succeed to setup FBA. Also my client needs to implement FBA with Windows
Authentication so that he must be able to use Windows Authentication as well as
FBA.

After successfully implementation, I am blogging the same
for others who found difficulties to setup also not able to get FBA users using
PeoplePicker.

1-Create the Membership Database

Forms Based Authentication requires a SQL database to store
the user logon information.

Details:

1. Launch the SQL Server Setup Wizard via the following
command line

C:\Windows\Microsoft.NET\Framework\V2.0.50727\aspnet_regsql.exe.

2. Follow the wizard steps to install and configure the
membership database.

3. IMPORTANT: Note the database name being created.

The database name will be listed on the Confirm Your
Settings wizard screen

2-Configure IIS to access the FBA database

The Forms Authentication data is
stored in the SQL Server created in step#2.
IIS needs to be configured to know where to look for the database.

Details:

1. Launch Internet Information
Services (IIS) Manager

2. Select the top level (machine)
entry (Usually named after the server)

Why here? Creating the connection string at the top
level allows the connection to be

“inherited” by all websites.

3. On the home page (located in the
middle of the IIS Manager), double click the Connection

Strings icon.

4. Add a new connection to point to
the SQL Server and database the membership store is stored in.

a. IMPORTANT: Note the name of the
connection. We use FBAMembershipStore

b. The database name must match the
membership store database name from step#1

c. Be sure to check Use Windows
Integrated Security.

Activate FBA on the SharePoint Web Services
website

The web service also need to authenticate users. If you do not give the web service site
access to the

FBA membership store, your FBA will not work

Details

1.Select Providers for the SharePoint Web Services
site

2.Select .NET Roles from the feature selector and
right click in the screen. Click Add on
the right

click menu.

3.Create a new role provider

a.Set type to SqlRoleProvider.

b.Name the provider. We use FBARoleProvider

c.Select the connection string you created in
Step#2

d.Set the ApplicationName to /

4.Select .NET Users from the feature selector and
right click in the screen. Click Add on
the right

FBA works only with Claim Based
Authentication. It enables authentication from windows as well as non-windows
based systems. This also provides the capability to have multiple
authentication in a single URL.

If you have already created a web
application with classic model and wan to use the same for FBA, Then you first
need to convert it from Classic Mode Authentication to Claims Based
Authentication using below PoweShell cmdLet. This is only one way for this conversion.

Steps to execute PoweShell cmdLet
for the abover conversion are as follows:

A.On theStart menu,
clickAll Programs.

B.ClickMicrosoft
SharePoint 2010 Products.

C.ClickSharePoint
2010 Management Shell.

D.From the Windows PowerShell
command prompt, type the following to set the specified user account as an
administrator for the site: